12-17-2001 12:31 PM - edited 02-20-2020 09:56 PM
I would like to know if anyone knows or had previos experience using Pix 506 Firewall with nat and pat of how many user it will stand?
Talking with Cisco they told me It can stand 30,000 simultaneos connections. If every user uses a maximum average of: 200 connections? 100 connections ?
Then it could stand for: 30000/200 =150 user?
or 30000/100 = 300 users?
Thanks
12-26-2001 12:46 PM
NAT and PAT are not difficult tasks for the PIX. Go with Ciscos numbers. Add VPN and you can get a performance hit on the 506. In that case, you should getter a 515 instead.
01-17-2002 12:38 PM
Along a similar line of questioning--
I have a PIX 520, running v 5.1 code. I have aprox 10k workstations on users networks behind the unit. It uses aprox 15-18m of INternet acess bandwidth. I am currently using PAT translations, along with static tunnels.
How many live IP addresses should I expect to need if I get away from using PAT and beging to use NAT instead ? Is ther a formula/calculation-- or just black magic and experience ?
Thanks--
01-19-2002 12:06 AM
one address for each static, which will work for both directions and a range for the rest of the hosts.
29bit address range = 6 addresses
eg.
10 hosts inside
one mail server, one web server, = 2 statics
8 hosts left could share a global range of remaining 4 addresses. This would leave half unable to connect at a time obviously.
28bit range = 14 addresses = plenty for everybody
01-21-2002 01:50 PM
About my first question would like to know if you have any comments. Thanks
02-05-2002 07:42 AM
I couldn't imagine each user using 100 sessions. It depeneds on what your users are doing but I would say the average user may use 25 sessions max. Web browsing users will probably average 10-20 sessions.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide